Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/cd0a81-64b9-4cec-bad8-8ec1bf9fda2b/1/xBIT4PfyqTeMr9EZAxQSDFw_tsM.roa
File: xBIT4PfyqTeMr9EZAxQSDFw_tsM.roa (raw, json)
Hash identifier: +1108t61ZAdcCTRierOezlIx1u0lJ4yi+OpdSaQwRQk=
Subject key identifier: C4:12:13:E0:F7:F2:A9:37:8C:AF:D1:19:03:14:12:0C:5C:3F:B6:C3
Certificate issuer: /CN=4f4777d49134eab75a79c111832ad7ece7267145
Certificate serial: 01990BBB1DCB2C4934E5007930BD726BC3A7
Authority key identifier: 4F:47:77:D4:91:34:EA:B7:5A:79:C1:11:83:2A:D7:EC:E7:26:71:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T0d31JE06rdaecERgyrX7OcmcUU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/44/cd0a81-64b9-4cec-bad8-8ec1bf9fda2b/1/xBIT4PfyqTeMr9EZAxQSDFw_tsM.roa
Signing time: Tue 02 Sep 2025 18:40:36 +0000
ROA not before: Tue 02 Sep 2025 18:40:36 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215423
IP address blocks: 193.176.36.0/24 maxlen: 24
2a14:bc0::/29 maxlen: 29
2a14:bc0::/48 maxlen: 48
2a14:bc0:1::/48 maxlen: 48
2a14:bc0:2::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/44/cd0a81-64b9-4cec-bad8-8ec1bf9fda2b/1/T0d31JE06rdaecERgyrX7OcmcUU.crl
rsync://rpki.ripe.net/repository/DEFAULT/44/cd0a81-64b9-4cec-bad8-8ec1bf9fda2b/1/T0d31JE06rdaecERgyrX7OcmcUU.mft
rsync://rpki.ripe.net/repository/DEFAULT/T0d31JE06rdaecERgyrX7OcmcUU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 00:00:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:0b:bb:1d:cb:2c:49:34:e5:00:79:30:bd:72:6b:c3:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f4777d49134eab75a79c111832ad7ece7267145
Validity
Not Before: Sep 2 18:40:36 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c41213e0f7f2a9378cafd1190314120c5c3fb6c3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:a6:b4:65:a6:9f:94:9f:22:bc:50:d3:c3:3d:
d0:07:91:73:82:9c:e8:8f:b3:0d:0f:33:42:d1:2c:
fe:7b:c3:23:bd:8a:e2:dd:a8:f5:0b:61:ed:8a:45:
fd:d7:95:e7:9c:0d:c4:6d:40:0b:50:d5:0f:eb:83:
bd:4f:77:cd:29:ef:a1:f3:29:c5:a4:ef:7b:5b:36:
dc:3e:12:c8:81:ef:2e:b3:5b:06:d6:5f:ce:50:19:
e8:04:ab:01:7b:b3:fc:4e:ba:f8:ab:62:f2:58:0a:
a7:6d:ba:6b:a5:29:00:b2:c1:10:39:ff:63:7e:bf:
ce:46:ca:bd:48:d5:df:9a:15:95:4c:c8:e3:45:54:
a8:76:2a:5b:e9:fb:f4:52:0f:8f:97:c5:cd:7c:0c:
84:f0:67:d8:a5:6a:0e:15:4c:35:55:fb:31:33:3a:
5e:36:49:31:80:17:49:b6:6b:99:90:7d:5c:65:04:
56:bc:ca:45:a4:2d:00:33:64:9f:93:0c:f3:80:e9:
a2:45:07:b6:e1:7c:45:72:ec:a2:b1:40:58:fc:eb:
ee:7c:86:55:01:60:74:8a:6c:33:bc:34:a4:b2:34:
b5:9b:90:c4:66:85:a0:27:0b:e6:d1:c6:f8:e4:1d:
46:1a:ed:33:ce:2e:b0:dd:81:41:0e:05:72:7f:c3:
45:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:12:13:E0:F7:F2:A9:37:8C:AF:D1:19:03:14:12:0C:5C:3F:B6:C3
X509v3 Authority Key Identifier:
keyid:4F:47:77:D4:91:34:EA:B7:5A:79:C1:11:83:2A:D7:EC:E7:26:71:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T0d31JE06rdaecERgyrX7OcmcUU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/cd0a81-64b9-4cec-bad8-8ec1bf9fda2b/1/xBIT4PfyqTeMr9EZAxQSDFw_tsM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/44/cd0a81-64b9-4cec-bad8-8ec1bf9fda2b/1/T0d31JE06rdaecERgyrX7OcmcUU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.176.36.0/24
IPv6:
2a14:bc0::/29
Signature Algorithm: sha256WithRSAEncryption
6d:a7:bb:f8:0c:2f:cf:0a:16:e1:b1:06:6b:20:94:d6:2c:dd:
cc:e0:e1:0d:9b:b8:bd:d8:b8:35:4c:36:91:65:03:ca:53:3f:
fc:c2:a5:a4:08:f0:ac:ba:49:d7:c0:15:b2:49:4a:64:b7:1c:
2d:a2:6c:de:85:1b:41:7e:ec:50:2a:c1:2b:74:1b:6f:83:8c:
10:78:6e:ce:2b:dd:20:5a:d4:bf:5b:c5:3e:d6:e7:65:3b:dd:
9e:4c:7a:ea:63:80:09:40:fb:dd:7f:52:6e:75:9c:69:6a:d1:
ff:6e:7e:dc:23:37:2f:82:7b:1b:0c:ed:16:93:cb:21:b7:f3:
f1:6e:10:92:ed:bc:13:fa:94:88:a9:97:95:ba:3a:dc:50:8d:
a4:1f:d5:f5:0b:3a:4b:98:c3:ef:fc:7c:70:1e:32:8a:84:ac:
ba:a1:17:38:fe:a5:4a:b5:92:21:ef:c8:75:96:ed:be:4f:72:
6d:df:a0:67:e4:de:5c:e3:15:46:ce:10:c3:63:ed:19:ee:8d:
94:df:14:6b:33:45:22:a6:76:b5:3d:ca:87:5f:93:07:67:8f:
07:ea:89:b7:60:08:fb:75:d1:f3:8d:6f:c2:90:9f:21:83:dc:
c7:b0:39:82:b5:29:f9:7d:1a:67:74:f7:a9:1a:07:b9:52:19:
d8:a8:0f:ca
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZkLux3LLEk05QB5ML1ya8OnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmNDc3N2Q0OTEzNGVhYjc1YTc5YzExMTgzMmFkN2VjZTcy
NjcxNDUwHhcNMjUwOTAyMTg0MDM2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNDEyMTNlMGY3ZjJhOTM3OGNhZmQxMTkwMzE0MTIwYzVjM2ZiNmMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyKa0ZaaflJ8ivFDTwz3QB5Fzgpzo
j7MNDzNC0Sz+e8MjvYri3aj1C2HtikX915XnnA3EbUALUNUP64O9T3fNKe+h8ynF
pO97WzbcPhLIge8us1sG1l/OUBnoBKsBe7P8Trr4q2LyWAqnbbprpSkAssEQOf9j
fr/ORsq9SNXfmhWVTMjjRVSodipb6fv0Ug+Pl8XNfAyE8GfYpWoOFUw1VfsxMzpe
NkkxgBdJtmuZkH1cZQRWvMpFpC0AM2SfkwzzgOmiRQe24XxFcuyisUBY/OvufIZV
AWB0imwzvDSksjS1m5DEZoWgJwvm0cb45B1GGu0zzi6w3YFBDgVyf8NF5wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFMQSE+D38qk3jK/RGQMUEgxcP7bDMB8GA1UdIwQY
MBaAFE9Hd9SRNOq3WnnBEYMq1+znJnFFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDBkMzFKRTA2cmRhZWNFUmd5clg3T2NtY1VVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC9jZDBhODEtNjRiOS00Y2VjLWJhZDgt
OGVjMWJmOWZkYTJiLzEveEJJVDRQZnlxVGVNcjlFWkF4UVNERndfdHNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NC9jZDBhODEtNjRiOS00Y2VjLWJhZDgtOGVjMWJmOWZkYTJi
LzEvVDBkMzFKRTA2cmRhZWNFUmd5clg3T2NtY1VVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAwbAkMA0E
AgACMAcDBQMqFAvAMA0GCSqGSIb3DQEBCwUAA4IBAQBtp7v4DC/PChbhsQZrIJTW
LN3M4OENm7i92Lg1TDaRZQPKUz/8wqWkCPCsuknXwBWySUpktxwtomzehRtBfuxQ
KsErdBtvg4wQeG7OK90gWtS/W8U+1udlO92eTHrqY4AJQPvdf1JudZxpatH/bn7c
IzcvgnsbDO0Wk8sht/PxbhCS7bwT+pSIqZeVujrcUI2kH9X1CzpLmMPv/HxwHjKK
hKy6oRc4/qVKtZIh78h1lu2+T3Jt36Bn5N5c4xVGzhDDY+0Z7o2U3xRrM0Uipna1
PcqHX5MHZ48H6om3YAj7ddHzjW/CkJ8hg9zHsDmCtSn5fRpndPepGge5UhnYqA/K
-----END CERTIFICATE-----
Generated at Mon Sep 8 09:46:00 2025 by rpki-client